3 Why has the use of surveillance increased?
37. In considering the growth of databases and forms of surveillance, we set out to identify the factors and trends which have contributed to this growth. Technological developments have increased capacity for surveillance, particularly in terms of the storage of large volumes of data, and the ability to search databases and share information through the use of interoperable systems. The commercial sector has sought to harness this new capability, recognising the competitive advantage that information about customers can bring when used to focus marketing and to design services. In the public sector this kind of technology is also used to facilitate the administration of services and in relation to matters such as border control and crime.
38. We begin by outlining the most significant technological developments in relation to surveillance potential. We move on to consider what motivates businesses to exploit this potential and how the private sector regards personal information as a valuable commodity. We then explore some of the Government's recent initiatives to collect and share information in a more efficient way, in order to deliver personalised, convenient services to citizens. We look at the public's expectation that Government agencies should provide services in a way which mirrors the techniques of the private sector, and we conclude by considering explicit calls for public bodies to collect and share more information about individuals and their activities.
39. Annexed to this report is a more detailed summary of the evidence and other material we considered on technological developments in relation to surveillance.
Databases and profiling
40. An increase in the storage capability of databases has been accompanied by the development of sophisticated technologies with the capacity to match and analyse different data-sets to reveal patterns. Where databases contain personal information, these kinds of technologies may be used to create profiles which in turn are produced "to make predictions about people and their likely behaviour ... [that] can be used in marketing, insurance, the health service and the financial sector". The Surveillance Studies Network adds to this list the development of "smart borders" and the use of passenger information to create "watch lists" of "dangerous passengers" or "identity groups" which might be regarded as posing a greater risk than others.
Databases may be searched automatically or 'mined' using a formula or algorithmwhich may itself have been created automatically by a computer programin order to identify and classify individuals into categories or groups on the basis of their recorded preferences or activities.
41. Ross Anderson, Professor of Security Engineering at the University of Cambridge and Chair of the Foundation for Information Policy Research, Pete Bramhall, Manager, Privacy and Identity Research, Hewlett-Packard Laboratories, and Dr Andy Phippen, Lecturer at the School of Computing, Communications and Electronics, University of Plymouth, agreed that in terms of surveillance capacity, the most significant technological development of the last 10 years had been the search engine. Professor Anderson said:
Previously, lots of information about people was kept on numerous, disparate databases, and a lot on paper in filing cabinets. Search engines mean that everything that is searchable is now findable if people have got the wit to look for it, and of course there are not merely the publicly available search engines, such as Google; there are search engines available to government and intelligence services which give access to information which is not generally available to the public. But overall the killer technology is search engines.
42. Pete Bramhall told us that, "coupled with search engine technology", he would add "the fairly recent rise in social networking capabilities on the Internet, the rise of things like MySpace and YouTube where people can post information about themselves". The Information Commissioner told us that "the growth of social network sites and online blogs raises the prospect of individuals leaving themselves open to increased surveillance".
Commercial motives for exploiting surveillance potential
The force behind technological change
43. We heard our witnesses compare the various factors that contribute to technological change in relation to surveillance. Professor Anderson told us that:
The UK is rather odd in that over the last few years a majority of the business won by our big systems houses has been public sector business rather than private sector business, but they are almost never developing new technology, they are simply using technology which has been developed mostly elsewhere for private-sector purposes.
44. Mr Bramhall and Dr Phippen added that take-up of new technologies, and attitudes towards them, could also drive technological development in making it a commercial success. Mr Bramhall said that "perhaps one of the drivers is actually coming from ... the recognition by the young that technology is definitely not to be feared". Dr Phippen told us that from his perspectiveresearch into public attitudes towards and engagement with ICTmore unpredictable than technological developments themselves was the way in which those developments were used:
I think there is an awful lot of, if you like, accidental adoption that goes on where people do things in a way that perhaps the creator of the technology did not think ... it is really the use and abuse of the technology in unpredictable ways that is the difficult thing to foresee.
The personalisation of products and services in the private sector
45. Commercial organisations collect and store personal information to target their communications and tailor their services. Nick Eland, Tesco's Legal Services Manager, told us that Tesco's Clubcard scheme offered benefits to customers but that:
to offer them we need a certain amount of information to ensure that the way we communicate with them and market to them fits what they want to hear and see ... We collect all their data and create profiles about those customers, better to understand their behaviour, again to ensure that when we do contact them we do so for the right purposes and in relation to products that would be of interest to them.
46. Tesco employs the company Dunnhumby to analyse the data from its cards. Nick Eland, Head of Legal Services at Tesco, emphasised that the aim of analysing the information was to provide products which matched consumers' needs more closely, and that Tesco's interest in the activities of individuals themselves was limited:
Dunnhumby does a lot of analysis on anonymised data; it is not looking at individuals but trying to look at broad ranges of customers as a whole better to understand their behaviour and enable us to achieve the goal of the scheme.
47. Lenders use the information collated by credit reference agencies to make decisions on loan applications. Mike Bradford, Director of Regulatory and Consumer Affairs at Experian, a credit reference agency, told us that "the consumer will be looking for speedy access to goods and services at a competitive rate and equally a lender needs to make a responsible lending decision".
48. Stephen Sklaroff described the change that technology had made to the context for credit-related decisions:
this technology and the existence of CRAs [credit reference agencies] has come about because the credit market now is very different from what it was perhaps 30 years ago. Then one's only way of getting credit in the legitimate regulated market, to put it that way, was to go to the local bank manager who would bring to bear to his decision whether or not to lend any personal knowledge he might have about the applicant or his family ... There are huge advantages to the consumer in the situation we now have where it is not reliant on that kind of immediate personal knowledge; it is a little more anonymous. But in order to make that system work one has to have reliable data on which the lender can draw in order to make a decision.
49. Companies which run search engines, collect and retain information that can link specific searches to individual userssearch terms, Internet Protocol or IP addresses (an IP address is the unique identifier of a computer connected to the internet), and details of how searches have been performedin order to improve the way in which a search engine returns results in response to users' searches.
50. The company Phorm has designed Webwise and OIX, services which track internet users' online behaviour in order to increase the effectiveness of advertising on the internet. These services have been taken up by some of the UK's biggest internet service providers but have been criticised on the grounds that if they are activated without the consent of the user, they infringe privacy and may fall foul of laws regulating the interception of communications. Phorm has given assurances that:
the systems have been configured so that the company does not have a record of the actual sites visited and search terms used by the user and in addition the advertising categories exclude certain sensitive terms and have been drawn widely so that the profiles that they hold for users will not inadvertently reveal the identity of a user or return advertising of a sensitive nature ... the ISP does not hold or have access to either the advertising categories users have been matched against or the user ID and does not keep a lasting record of internet traffic for any reason other than it would have originally.
51. In April 2008 the Information Commissioner took the view that Phorm could operate Webwise and Open Internet Exchange (OIX) in a way which is in compliance with the Data Protection Act and Privacy and Electronic Communications Regulations but must be sensitive to the concerns of users.
52. Technological advances in terms of the collection, storage and use of personal information have enabled the private sector to target its communications at particular groups of consumers and to provide more personalised services. The development of this capability has produced an increasing reliance on digitally-supported means of making decisions. We do not dispute the benefits to the consumer of an impartial decision-making process on the one hand and a more appropriate and convenient service on the other. We do, however, note that these benefits depend on the accuracy of the data collected and the security of the systems in which the data is held.
The value of information: profiting from surveillance
53. The Information Commissioner told us that "vast amounts of information are held on each of us in the private sector, in the financial area, in the retail area, loyalty cards and the credit reference agencies". The value of information on people's commercial activitiestheir buying preferences, shopping habits and consumer routineshas long been recognised by the private sector as a source of competitive advantage.
54. Tesco introduced its Clubcard scheme in 1995. Mike Tattersall, retail analyst at Cazenove, said in 2006 that Clubcard has since played a key role in Tesco's expansion, conveying "an array of material benefits across virtually every discipline of its business", and constituting "Tesco's most potent weapon in the ongoing battle for market share". Dunnhumby makes about £30 million a year by selling Tesco data to more than 200 consumer-goods companies, and has recently agreed to an extension of its work for Tesco into nine new markets worldwide.
55. Despite the potential for profit and the technological capacity to cross-reference information collected for different purposes, witnesses representing private sector organisations told us that there were limits to the ways in which companies would use personal information. For example, whilst Tesco offers personal finance services such as insurance, Nick Eland told us that information collected in applications "would not" be cross-referenced with buying patterns:
The scheme relies on customers trusting us and valuing the scheme. In our view, those kinds of actions would massively reduce that trust and, therefore, would not make the scheme effective. It is there to reward our customers primarily, and therefore, the concept of that sort of exercise would just damage the trust of the customers that shop in our stores.
Privacy gains: profiting from protection
56. The association between the collection of information and the trust of the public is one which links the surveillance carried out in the private and public sectors. We returned to this issue on a great many occasions during our inquiry. In the case of the private sector, several of our witnesses saw a direct link between trust and profit, which created a commercial imperative to protect personal information and privacy: losing the trust of customers would result in loss of revenue. The Information Commissioner told us that "in the private sector there are pressures to get it right which do not necessarily exist in the public sector".
57. We put the Commissioner's assertion to LMG, which runs the Nectar scheme. Martin Briggs, LMG's Corporate Affairs Director, told us that:
Data is our business; it is what we do. It is absolutely fundamental to getting it right that the trust of the collector is enhanced ... We are a commercial organisation and if we do not get it right we do not make money.
Political impetus for surveillance in the public sector
Harnessing technology and sharing information
58. The Transformational Government strategy, published by the Cabinet Office in 2005, set out a vision for the better use of technology to deliver public services and policy outcomes that have an impact on citizens' daily lives:
through greater choice and personalisation, delivering better public services, such as health, education and pensions, benefiting communities by reducing burdens on front line staff and giving them the tools to help break cycles of crime and deprivation; and improving the economy through better regulation and leaner government.
Better use of technology in Government has involved a determination to facilitate greater sharing of information across departments.
59. Two of the strands of work forming part of the Strategy are Shared Services and Common Infrastructure. John Suffolk, Her Majesty's Government Chief Information Officer outlined the aim behind these strands:
To enable greater certainty over the quality of the computer systems and networks that store and process Citizen Data it is logical to reduce these to a smaller number and share them so that greater investment and protection can be applied to the few rather than spread over the many.
Government Chief Information Officer
Her Majesty's Government Chief Information Officer chairs the Chief Information Officer Council (CIO) Council, which brings together CIOs from across all parts of the public sector.
According to the Government CIO, his role is to work with departmental CIOs and those undertaking IT-enabled change to ensure that their work is aligned in supporting the Transformational Government Strategy. The Government CIO provides leadership to the IT profession across the wider public sector, enables public service transformation through the strategic deployment of technology, drives the development of shared services and acts as the 'face' of UK Government IT at home and abroad.
We refer to the work of the CIO Council below at paragraph 137.
Information-sharing: improving public services by gaining public trust
60. In September 2006 the Government published its Information sharing vision statement. This set out the Government's aim to:
ensure that information will be shared to expand opportunities for the most disadvantaged, fight crime and provide better services for citizens and business, and in other instances where it is in the public interest.
The statement said that work to develop an identity management framework in the public sector would reduce the number of occasions on which individuals were incorrectly identified, and so given the wrong advice or directed to the wrong services.
61. The statement also committed the Government to exploring how it might "provide citizens with more information about which public sector bodies hold information and what they use it for", a step which would act:
both to reassure citizens and to support public service effectiveness in enabling people to play their part in ensuring that information held about them is accurate and up-to-date.
62. In December 2006 HM Treasury published Sir David Varney's report on Service Transformation: a Better Service for Citizens and Businesses, a Better Deal for Taxpayers. In the foreword to his report Sir David said that:
Technology has enabled a revolution in the way service providers interact with their customers. These changes are continuing as citizens and businesses seek better value for money and greater convenience.
63. Sir David argued that service transformation was "not about ... investing in new technology" but rather that it was concerned with co-ordinating services "more directly around the needs of citizens and businesses" by means of measures such as "improved co-ordination of front-line e-services" and "reducing duplication of business processes through shared use of an identity management system". Amongst the changes recommended by the report were those which promoted the use of electronic means of entering, storing and sharing information in order to provide services".
64. A report on the Government's policy review of public services, carried out in 2006 and 2007, made several references to the benefits of sharing data across Government and to the Government's desire to harness all available technology in delivering public services:
Sharing data between health and education services might help to provide a more comprehensive response to citizens' need than if these services were to act independently.
It is now theoretically possible to compile a comprehensive DNA database and to use biometric identification on an identity card or an electronic patient record. The combination of these databases could be very effective in delivering personalised healthcare servicesas well as in other areas, such as combating crime.
65. One of the most widely publicised conclusions of the Review team echoed Sir David Varney's conclusion that it was difficult for public services to be responsive to demand because of rules on data-sharing. The experience of a family who had a total of 44 contacts with government over 180 days in an effort to make necessary arrangements after a member of the family died in a road accident, was given as an example of such difficulties.
66. The Review report stated that "the public must be confident that the information gathered will not fall into the wrong hands and be misused" and that "the Government recognises the importance of ensuring that data and information sharing are done responsibly". In response to the findings of the Review, however, the Information Commissioner's comments registered a degree of concern at the Government's drive to collect and share information:
There are reasons why we need to promote better information but whether the right answer is to create a database should be questioned.
Meeting public expectations generated by technological developments and private sector services
67. We asked the Government's Chief Information Officer for his assessment of the most significant developments in technology from the point of view of delivering public services. John Suffolk identified three key developments:
Growth of the Internet: underpinning most major economies and most successful businesses
Convergence of communications methods: blurring boundaries between mobile communications and fixed lines
Decrease in the size of devices.
68. The combined effect of these developments has been significant in terms of Government's use of technology to collect, store and search personal information. John Suffolk told us that Government had to harness new capability in order to meet expectations that public services should be delivered in the same convenient way as private sector services are provided:
When you put those things together what is happening is that every technology and every system is available where you are when you want to use it and that fundamentally is changing citizens' outlooks and customers' outlooks in terms of what they see as the normal service that they expect. It is not a service for our convenience; it is a service for their convenience, and those things are happening in every walk of life.
The move towards personalised public services, accessed in ways which meet the needs and wishes of the individual, reflects trends observed in the private sector and has led to the collection and storage of increasing amounts of information.
Public demand for surveillance
69. The public may have come to expect from government the ability to handle information and deliver personalised services in the same way as the private sector, and may not necessarily see the collection of information for the delivery of these services as surveillance. In other areas, increases in the reach and extent of surveillance have been implemented amidst explicit calls for such increases from some sections of the public.
70. When we asked the Information Commissioner about the social impetus for surveillance he identified "one of the dilemmas" faced by his Office:
by and large people value their own privacy very significantly indeed. They want their own personal information safeguarded to a great extent ... They are rather less concerned about other people's privacy and other people's data.
71. We explored with the Information Commissioner two areas in which we had detected that there was public demand for surveillance and information-sharing for the purposes of public safety: CCTV or surveillance camera coverage and the sharing of intelligence held by the police.
72. The Commissioner told us that he fully accepted that "there is and has been for some time strong demand for CCTV". Several Home Office studies have found evidence of strong public support for surveillance cameras. One found that "the level of support for CCTV remained high at over 70% of the sample in all but one area" of the 13 schemes the study had assessed. Other research found that "levels of support for CCTV are high, although it was not clear that respondents were fully informed about how it functioned".
The Bichard Inquiry and the sharing of police intelligence
73. The Bichard Inquiry into the events surrounding the Soham murders in August 2002 made recommendations for a new system to enable not only information about convictions but also police intelligence to be made available for the purposes of public protection. Whilst David Smith, Deputy Information Commissioner, rejected allegations made at the time of the Inquiry that data protection legislation was to blame for information about Ian Huntley not being shared, he acknowledged that "there was pressure for more sharing of information".
74. The Deputy Commissioner told us that "it was not a question of more information needing to be made available; the system that was there did not work". He went on to say that there was "much to be commended" about the system that is now in place but suggested that the implementation of the new system had significant implications for individual privacy:
we remain convinced that we could have had a system that protects children just as well with less impact on individuals' privacy; without things like shoplifting convictions that people had when they were teenagers coming out 15 years later when they apply for a job. It is a complex problem, and the solution is not sophisticated enough. We could have done better.
75. In setting out the steps taken by the police to implement standards in relation to data security and information-sharing, Chief Constable Peter Neyroud, Chief Executive of the National Policing Improvement Agency told us that the police were "about three-quarters of the way down the list of Bichard's recommendations" and that the establishment of the Police National Database (a single source of detailed information relating to people, objects (such as cars), locations and events that will link data currently held on local systems with that held on national systems such as the Police National Computer (PNC)) would signal the completion of "the major recommendations under Bichard".
76. A strong common theme is emerging in both the private and public sector: a move towards more personalised services which require the service provider to collect information from individuals in order for the service to be effective. Whilst the outcome may be more personalised, however, the trend in terms of input is a standardisation of the information requested with a tendency to collect information which may identify an individual even where this is not needed in order to provide or improve services.
77. We recognise the desire of private and public sector service providers to make full use of the opportunities provided by technology in relation to targeting and facilitating access to services and products. We also accept that advances in technology have heightened the public's expectations of what technology can deliver not only in terms of convenience but also in connection with the prevention and investigation of crime. The elimination of technological barriers to the collection, storage and sharing of large volumes of information, however, has significant implications for individual privacy and potentially for society at large.
78. The Government should be open about its intentions in relation to collecting personal information, and should make sufficient time for public and Parliamentary debate on its proposals. In general the Government should move to curb the drive to collect more personal information and establish larger databases.
31 Ev 166 Back
32 Surveillance Studies Network, A Report on the Surveillance Society: Public Discussion Document (September 2006), p 6 Back
33 Q 180 (Professor Anderson) Back
34 Q 181 (Pete Bramhall) Back
35 Ev 259 Back
36 Q 184 (Professor Anderson) Back
37 Q 185 (Pete Bramhall) Back
38 Qq 190-1 (Dr Phippen) Back
39 Qq 122-3 (Nick Eland) Back
40 Q 138 (Nick Eland) Back
41 Q 113 (Mike Bradford) Back
42 Q 115 (Stephen Sklaroff) Back
43 "Phorm's internet-tracking service is 'illegal'", Times Online, 18 March 2008 Back
44 Information Commissioner's Office, Phorm-Webwise and Open Internet Exchange: The Information Commissioner's current view on the Phorm Webwise and Open Internet Exchange products, April 2008. Available at: http://www.ico.gov.uk/ Back
45 Q 10 (Richard Thomas) Back
46 "Eyes in the Till", Financial Times, 11 November 2006 Back
47 Ibid. Back
48 "Dunnhumby and Tesco team up to benefit consumers around world", Tesco press release, 14 April 2008 Back
49 Q 133 (Nick Eland) Back
50 Q 10 (Richard Thomas) Back
51 Q 144 (Martin Briggs) Back
52 Cabinet Office, Transformational Government: enabled by technology, Cm 6683, November 2005, p 3 Back
53 Ev 254 Back
54 Ev 253 Back
55 Information sharing vision statement, September 2006, pp 3-5 Back
56 Ibid., paras 13 and 16 Back
57 Ibid. Back
58 Sir David Varney, Service Transformation: a Better Service For Citizens and Businesses, a Better Deal for Taxpayers, December 2006, p 1 Back
59 Ibid., pp 2-3 Back
60 Prime Minister's Strategy Unit, Building on Progress: Public Services (March 2007), p 19 Back
61 Ibid., p 20 Back
62 "Whitehall plan for huge database", BBC News Online, 21 March 2007 Back
63 Prime Minister's Strategy Unit, Building on Progress: Public Services (March 2007), p 20 Back
64 "Whitehall plan for huge database", BBC News Online, 21 March 2007 Back
65 Q 398 (John Suffolk) Back
66 Ibid. Back
67 Q 6 (Richard Thomas) Back
68 Ibid. Back
69 Gill and Spriggs, Assessing the impact of CCTV (London: Home Office Research, Developments and Statistics Directorate, 2005), p ix Back
70 Spriggs, Argomaniz et al, Public attitudes towards CCTV: results from the Pre-intervention Public Attitude Survey carried out in areas implementing CCTV", Home Office Online Report (October 2006), p 49 Back
71 Q 7 (David Smith) Back
72 Q 9 (David Smith) Back
73 Q 468 (Chief Constable Neyroud) Back